mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
60903 Commits
367 Branches
Tree: 6312c0df69
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6312c0df69'
${ noResults }
nextcloud/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php

BruteForceMiddlewareTest.php 6.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>

  4.  *

  5.  * @license GNU AGPL version 3 or any later version

  6.  *

  7.  * This program is free software: you can redistribute it and/or modify

  8.  * it under the terms of the GNU Affero General Public License as

  9.  * published by the Free Software Foundation, either version 3 of the

  10.  * License, or (at your option) any later version.

  11.  *

  12.  * This program is distributed in the hope that it will be useful,

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  15.  * GNU Affero General Public License for more details.

  16.  *

  17.  * You should have received a copy of the GNU Affero General Public License

  18.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.

  19.  *

  20.  */

  21. 

  22. namespace Test\AppFramework\Middleware\Security;

  23. 

  24. use OC\AppFramework\Middleware\Security\BruteForceMiddleware;

  25. use OC\AppFramework\Utility\ControllerMethodReflector;

  26. use OC\Security\Bruteforce\Throttler;

  27. use OCP\AppFramework\Controller;

  28. use OCP\AppFramework\Http\Response;

  29. use OCP\IRequest;

  30. use Test\TestCase;

  31. 

  32. class BruteForceMiddlewareTest extends TestCase {

  33. 	/** @var ControllerMethodReflector|\PHPUnit\Framework\MockObject\MockObject */

  34. 	private $reflector;

  35. 	/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */

  36. 	private $throttler;

  37. 	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */

  38. 	private $request;

  39. 	/** @var BruteForceMiddleware */

  40. 	private $bruteForceMiddleware;

  41. 

  42. 	protected function setUp(): void {

  43. 		parent::setUp();

  44. 

  45. 		$this->reflector = $this->createMock(ControllerMethodReflector::class);

  46. 		$this->throttler = $this->createMock(Throttler::class);

  47. 		$this->request = $this->createMock(IRequest::class);

  48. 

  49. 		$this->bruteForceMiddleware = new BruteForceMiddleware(

  50. 			$this->reflector,

  51. 			$this->throttler,

  52. 			$this->request

  53. 		);

  54. 	}

  55. 

  56. 	public function testBeforeControllerWithAnnotation() {

  57. 		$this->reflector

  58. 			->expects($this->once())

  59. 			->method('hasAnnotation')

  60. 			->with('BruteForceProtection')

  61. 			->willReturn(true);

  62. 		$this->reflector

  63. 			->expects($this->once())

  64. 			->method('getAnnotationParameter')

  65. 			->with('BruteForceProtection', 'action')

  66. 			->willReturn('login');

  67. 		$this->request

  68. 			->expects($this->once())

  69. 			->method('getRemoteAddress')

  70. 			->willReturn('127.0.0.1');

  71. 		$this->throttler

  72. 			->expects($this->once())

  73. 			->method('sleepDelayOrThrowOnMax')

  74. 			->with('127.0.0.1', 'login');

  75. 

  76. 		/** @var Controller|\PHPUnit\Framework\MockObject\MockObject $controller */

  77. 		$controller = $this->createMock(Controller::class);

  78. 		$this->bruteForceMiddleware->beforeController($controller, 'testMethod');

  79. 	}

  80. 

  81. 	public function testBeforeControllerWithoutAnnotation() {

  82. 		$this->reflector

  83. 			->expects($this->once())

  84. 			->method('hasAnnotation')

  85. 			->with('BruteForceProtection')

  86. 			->willReturn(false);

  87. 		$this->reflector

  88. 			->expects($this->never())

  89. 			->method('getAnnotationParameter');

  90. 		$this->request

  91. 			->expects($this->never())

  92. 			->method('getRemoteAddress');

  93. 		$this->throttler

  94. 			->expects($this->never())

  95. 			->method('sleepDelayOrThrowOnMax');

  96. 

  97. 		/** @var Controller|\PHPUnit\Framework\MockObject\MockObject $controller */

  98. 		$controller = $this->createMock(Controller::class);

  99. 		$this->bruteForceMiddleware->beforeController($controller, 'testMethod');

  100. 	}

  101. 

  102. 	public function testAfterControllerWithAnnotationAndThrottledRequest() {

  103. 		/** @var Response|\PHPUnit\Framework\MockObject\MockObject $response */

  104. 		$response = $this->createMock(Response::class);

  105. 		$this->reflector

  106. 			->expects($this->once())

  107. 			->method('hasAnnotation')

  108. 			->with('BruteForceProtection')

  109. 			->willReturn(true);

  110. 		$response

  111. 			->expects($this->once())

  112. 			->method('isThrottled')

  113. 			->willReturn(true);

  114. 		$response

  115. 			->expects($this->once())

  116. 			->method('getThrottleMetadata')

  117. 			->willReturn([]);

  118. 		$this->reflector

  119. 			->expects($this->once())

  120. 			->method('getAnnotationParameter')

  121. 			->with('BruteForceProtection', 'action')

  122. 			->willReturn('login');

  123. 		$this->request

  124. 			->expects($this->once())

  125. 			->method('getRemoteAddress')

  126. 			->willReturn('127.0.0.1');

  127. 		$this->throttler

  128. 			->expects($this->once())

  129. 			->method('sleepDelay')

  130. 			->with('127.0.0.1', 'login');

  131. 		$this->throttler

  132. 			->expects($this->once())

  133. 			->method('registerAttempt')

  134. 			->with('login', '127.0.0.1');

  135. 

  136. 		/** @var Controller|\PHPUnit\Framework\MockObject\MockObject $controller */

  137. 		$controller = $this->createMock(Controller::class);

  138. 		$this->bruteForceMiddleware->afterController($controller, 'testMethod', $response);

  139. 	}

  140. 

  141. 	public function testAfterControllerWithAnnotationAndNotThrottledRequest() {

  142. 		/** @var Response|\PHPUnit\Framework\MockObject\MockObject $response */

  143. 		$response = $this->createMock(Response::class);

  144. 		$this->reflector

  145. 			->expects($this->once())

  146. 			->method('hasAnnotation')

  147. 			->with('BruteForceProtection')

  148. 			->willReturn(true);

  149. 		$response

  150. 			->expects($this->once())

  151. 			->method('isThrottled')

  152. 			->willReturn(false);

  153. 		$this->reflector

  154. 			->expects($this->never())

  155. 			->method('getAnnotationParameter');

  156. 		$this->request

  157. 			->expects($this->never())

  158. 			->method('getRemoteAddress');

  159. 		$this->throttler

  160. 			->expects($this->never())

  161. 			->method('sleepDelay');

  162. 		$this->throttler

  163. 			->expects($this->never())

  164. 			->method('registerAttempt');

  165. 

  166. 		/** @var Controller|\PHPUnit\Framework\MockObject\MockObject $controller */

  167. 		$controller = $this->createMock(Controller::class);

  168. 		$this->bruteForceMiddleware->afterController($controller, 'testMethod', $response);

  169. 	}

  170. 

  171. 	public function testAfterControllerWithoutAnnotation() {

  172. 		$this->reflector

  173. 			->expects($this->once())

  174. 			->method('hasAnnotation')

  175. 			->with('BruteForceProtection')

  176. 			->willReturn(false);

  177. 		$this->reflector

  178. 			->expects($this->never())

  179. 			->method('getAnnotationParameter');

  180. 		$this->request

  181. 			->expects($this->never())

  182. 			->method('getRemoteAddress');

  183. 		$this->throttler

  184. 			->expects($this->never())

  185. 			->method('sleepDelay');

  186. 

  187. 		/** @var Controller|\PHPUnit\Framework\MockObject\MockObject $controller */

  188. 		$controller = $this->createMock(Controller::class);

  189. 		/** @var Response|\PHPUnit\Framework\MockObject\MockObject $response */

  190. 		$response = $this->createMock(Response::class);

  191. 		$this->bruteForceMiddleware->afterController($controller, 'testMethod', $response);

  192. 	}

  193. }